« Profile Your Code with Xdebug | Main | 8 Defensive Programming Best Practices To Prevent Breaking Your Sites »

phpMyAdmin 2.10.1 Security Release

phpMyAdmin released version 2.10.1 bugfix-only but include also a security fix for an XSS vulnerability. The security level is Less critical according to Secunia advisory which posted a short description of the bug, so updating to version 2.10.1 is kinda recommended.

pma_logo.gif
Input passed to the "fieldkey" parameter in browse_foreigners.php and input passed to the "PMA_sanitize()" function is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Posted by Hatem on April 25, 2007 6:34 AM to General | | View blog reactions

Bookmark this article at these sites
Post a comment





(Email will remain hidden)





Please enter the security code you see here




Related entries
Email to a friend
Email this article to:


Your email address:


Message (optional):